Simple Network Management Protocols

 

urls:

http://www.wtcs.org/snmp4tpc/informat.htm

http://net-snmp.sourceforge.net/ – info on UCD-SNMP.

 

SNMP is a protocol used to write network management software.  It is a TCP/IP protocol, and uses UDP, since a degraded network might not be able to sustain a TCP connection.   SNMP requires a client program, running on a host, called a network manager. The network manager controls a MIB, which is a database. Each data item in a MIB is called an OID (Object Identifier). OIDs are located within the database by numerical values separated by dots or by a set of names separated by dots. An OID might contain a value indicating  the state of a managed object on a network, which might be a terminal concentrator, a router, an Oracle database, the cpu on a printer, or any other software, hardware or firmware that is part of a network!  The decision about what OIDs to include in a  MIB is made by the programmer.  SNMP also requires server programs called SNMP agents running on each object monitored by the network manager. These agents are provided by the manufacturer of the hardware or by a software vendor, and collect information about the state of the device on which they run.  The network manager queries agents in order to get information to put into the MIB.  With SNMP it is possible to directly read information from a MIB using the "snmpget" command, or to set a writable MIB using the "snmpset" command.  It is possible to move around the MIB using "snmpwalk". Devices may also send "traps" to the MIB. A trap is an unsolicited message containing information to store in an OID. Each OID is defined by its Syntax (such as an ASCII string, an integer etc), by an Object (simply a name) by a definition, an access level, which may be read-only, write-only, not-accessible or read/write, and a status of Mandatory, Optional or Obsolete,  which indicates whether that information must be collected or not.

 

The MIB is organized using an information tree, each branch of which is labeled by name, and by a number, which is unique to that level of the tree.  The upper branches of the tree designate Internet organizations.  All private enterprises start with the prefix

iso.org.dod.internet.private.enterprise (1.3.6.1.4.1). Below that level each corporation writing SNMP software has a number and name. Thus 1.3.6.1.4.1.9 are the numerical designators for the tree iso.org.dod.internet.private.enterprise.cisco.  These numbers were set up over 10  years ago, so some of the designators, like 5 1.3.6.4.1.53 (Apollo Computers) are no longer useful. Vendors can therefore write modules which fit into an existing SNMP structure. 

 

Below this top tree, developers are free to incorporate any OIDs wanted.  The OID must be correctly defined in ASN.1, the MIB programming language with all 5 of the required characteristics (Object, Syntax, Definition, Access and Status).

 

Depending on the type of software, an SNMP program may monitor network activity such as packets sent between two hubs, number of runts packets received by an interface etc., and it may even contain information which is collected by a hardware device put on the network to monitor it.  It may also monitor one or more nodes on a network for such features as disk usage or CPU activity.

 

Acronyms:

ASN.1 – Abstract Syntax Notation 1 – language in which MIBS are cached.

CMIP – Common Management Information Protocol – another type of management protocol – not SNMP.

MIB – Management Information Base – a set of OIDs contained in a database, and managed by a network manager. – the variables to be managed by NMS (2).

NMS – Network Management System – SNMP software which displays the information collected by the network manager.

OID – Object Identifier – a numeric identifier of an object in the MIB containing a value.

RMON – Remote MONitoring – specifications for SNMP

RMON1 – specifications for monitoring traffic flow by LAN protocols. It runs between hubs or ports at the data link/physical layers of the OSI/ISO model.

RMON2 – specifications  handles the TCP/IP Internet, Transport and Application layers.

SMC – Sun Management Center – Sun's network management station program; not to be confused with Solaris Management Console, which is included in Solaris 8, and is a system administration tool similar to admintool.

SMI – Structure of Management Information – a protocol for designing NMSs.

SNMP – Simple Network Management Protocol – a protocol for monitoring software.

TDR – Time Domain Reflectometer – a piece of hardware which tests cable for faults using sound. It also measures its electrical characteristics.

Definitions:

agent – a server program running on a device which is to be monitored.

network manager/ SNMP manager/SNMP application – a client program running on a host, which makes connections to agents for the purpose of collecting or setting values in them.

network elements – any networked device, including routers, printers, switches, cables and hosts which runs an agent.

snmpdx – the snmp daemon. It runs on UDP, port 161. (Must use UDP  - a degraded network may not be able to run TCP.)

SNMP community – a collection of software on a network, including agents and managers. Its membership is usually defined by the network administrator.  This is a security concept, since all software in the community will share a password that allows them to validate queries.

read_community_string – the password to "snmpget" a value.. Out of the box, the read community string is "public". All software on a network, belonging to the SNMP community, will share the same password.

write community string – the password to "snmpset" a value. Out of the box, the write community string is  "private."

Commands:

snmpwalk <system> <read_community_string > 

e.g.

snmpwalk potato public

snmpget <system> < read_community_string>  <string of numbers designating an OID tree>

e.g.

snmpget potato public  1.3.1.2.1.1.4.0

snmptranslate – view MIB tree

Files:

/etc/snmp/conf/snmpd.conf – snmpd configuration file.

/etc/snmp/conf/enterprises.oid – businesses with OID identifiers

/var/snmp/mib/sun.mib  - sun microsystem's MIB

Misc:

SNMP functions: -        "get" polls devices for information on parameters.

                                    "set" changes information on a managed device, which must be

 writable.

trap – when a device sends unsolicited information to a

management station.

 

Differences between version 1 and 2 of SNMP

 

v2 can do a "get bulk" which gets a bunch of values at once. It has the read community string to enhance security, and has an "informed request" – a management station to management station communication.

 

What can be managed with SNMP software: number of runts, total network traffic, percentage of CPU being used…

Hosted by www.Geocities.ws

1